Techniques are disclosed for methods, architectures and security mechanisms for a third-party application to access content in a cloud-based platform. In one embodiment, a method includes, receiving, at the third-party application, metadata that identifies the file. The method further includes transmitting the metadata to a server which is associated with the third-party application. The metadata enables the server to request the file from the cloud-based environment.
Legal claims defining the scope of protection, as filed with the USPTO.
1. A method for a third-party application to access to a file in a cloud-based environment, the method comprising: receiving, at the third-party application, metadata that identifies the file, wherein the metadata identifies the file by identifying at least one of a user, a workspace, and a security attribute associated with the file, wherein the metadata is received by the third-party application from a separate and distinct application of the cloud-based environment; transmitting the metadata to a server which is associated with the third-party application, wherein the metadata is utilized by the server to request the file from a host server that hosts the cloud-based environment; and receiving, at the third-party application, at least a portion of the file from the server to enable a user to perform one or more actions on the portion of the file.
2. The method of claim 1 , wherein the metadata is received from a client of the cloud-based environment.
3. The method of claim 1 , further comprising: transmitting an accessed portion of the file back to the host server for storage in the cloud-based environment.
4. The method of claim 1 , wherein the received portion of the file comprises information for creating a view of at least a partial content of the file.
5. The method of claim 1 , wherein the received portion of the file comprises data that are included in the file.
6. The method of claim 1 , further comprising: receiving, at the third-part application, an instruction from the cloud-based environment to delete the received portion of the file.
7. The method of claim 1 , wherein the security attribute restricts the third-party application from storing the received portion of the file back to the cloud-based environment.
8. The method of claim 1 , wherein the third-party application and the server associated with the third-party application are associated with a single entity.
9. The method of claim 1 , wherein the user associated with the file includes an owner or a collaborator of the file and wherein the security attribute associated with the file determines whether the portion of the file is storable by the third-party application.
10. A method for providing a third-party application with access to a file in a cloud-based environment, the method comprising: receiving, from the third-party application, metadata that identifies the file, wherein the metadata identifies the file by identifying at least one of a user, a workspace, and a security attribute associated with the file, wherein the metadata is received by the third-party application from a separate and distinct application of the cloud-based environment, and wherein the separate and distinct application is a mobile application operating on a mobile device; requesting the file from a host server which hosts the cloud-based environment by transmitting the metadata to the host server, wherein the server associated with the third-party application utilizes the metadata to request the file from the host server; receiving the file from the host server in response to the request; and transmitting at least a portion of the file to the third-party application for one or more actions to be performed on the portion of the file.
11. The method of claim 10 , further comprising: receiving an accessed portion of the file from the third-party application.
12. The method of claim 11 , further comprising: transmitting the received, accessed portion of the file to the host server.
13. The method of claim 10 , wherein the third-party application is listed in a list of approved third-party applications.
14. The method of claim 10 , wherein the user associated with the file includes an owner or a collaborator of the file and wherein the security attribute associated with the file determines whether the portion of the file is storable by the third-party application.
15. A non-transitory machine-readable storage medium having stored thereon instructions which, when executed by a processor, cause the processor to: receive, at the third-party application, metadata that identifies the file, wherein the metadata identifies the file by identifying at least one of a user, a workspace, and a security attribute associated with the file, wherein the metadata is received by the third-party application from a separate and distinct application of a cloud-based environment; transmit the metadata to a server which is associated with the third-party application, wherein the metadata is utilized by the server to request the file from a host server that hosts the cloud-based environment; and receive, at the third-party application, at least a portion of the file from the server to enable a user to perform one or more actions on the portion of the file.
16. The machine-readable storage medium of claim 15 , wherein the metadata is received from a client of the cloud-based environment.
17. The machine-readable storage medium of claim 15 , wherein the instructions further cause the processor to: transmit an accessed portion of the file back to the host server to save the transmitted, accessed portion of file to the cloud-based environment.
18. The machine-readable storage medium of claim 15 , wherein the user associated with the file includes an owner or a collaborator of the file and wherein the security attribute associated with the file determines whether the portion of the file is storable by the third-party application.
19. A non-transitory machine-readable storage medium having stored thereon instructions which, when executed by a processor, cause the processor to: receive, from the third-party application, metadata that identifies the file, wherein the metadata identifies the file by identifying at least one of a user, a workspace, and a security attribute associated with the file, wherein the metadata is received by the third-party application from a separate and distinct application of a cloud-based environment, and wherein the separate and distinct application is a mobile application operating on a mobile device; request the file from a host server which hosts the cloud-based environment by transmitting the metadata to the host server associated with the third-party application, wherein the server associated with the third-party application utilizes the metadata to request the file from the host server; receive the file from the host server in response to the request; and transmit at least a portion of the file to the third-party application for one or more actions to be performed on the portion of the file.
20. The machine-readable storage medium of claim 19 , wherein the instructions further cause the processor to: receive an accessed portion of the file from the third-party application.
21. The machine-readable storage medium of claim 20 , wherein the instructions further cause the processor to: transmit the received, accessed portion of the file to the host server.
22. The machine-readable storage medium of claim 19 , wherein the user associated with the file includes an owner or a collaborator of the file and wherein the security attribute associated with the file determines whether the portion of the file is storable by the third-party application.
23. A method for a third-party application on a client device to access content in a cloud-based environment, the method comprising: receiving, by a client application of the cloud-based environment, the content from an associated workspace in the cloud-based environment; receiving, by the client application, an authentication token used to decrypt the associated workspace; creating, by the client application, a key by hashing the authentication token with a timestamp; encrypting, by the client application, the content using the key; and providing, by the client application, the encrypted content, along with the hashed authentication token, to the third-party application on the client device to enable the third-party application to decrypt the encrypted content.
24. A non-transitory machine-readable storage medium having stored thereon instructions which, when executed by a processor, cause the processor to: at a client application of a cloud-based environment, receive a file from an associated workspace of the cloud-based environment; create a key based on hashing an authentication token used to decrypt the associated workspace and a timestamp; encrypt the file using the key; and provide the encrypted content, along with the hashed authentication token, to a third-party application.
25. The machine-readable storage medium of claim 24 , wherein the authentication token is retrieved from a local storage.
26. A method of providing a third-party application access to a file in a cloud-based environment, comprising: receiving, at a host server hosting the cloud-based environment, a request for a file, the request including metadata that identifies the file at the cloud-based environment; wherein the request is received from a third-party application server associated with a third-party application that utilizes the metadata to make the request, wherein the third-party application receives the metadata from a separate and distinct application of the cloud-based environment; and wherein the metadata identifies at least one of a user, a workspace, and a security attribute associated with the file; identifying the file requested by the third-party application server based on the metadata included in the request; and transmitting the file to the third-party application server to enable the file to be accessed or edited using the third-party application.
27. The method of claim 26 , wherein the user associated with the file includes an owner or a collaborator of the file and wherein the security attribute associated with the file determines whether the portion of the file is storable by the third-party application.
28. The method of claim 26 , further comprising: notifying a client of the cloud-based environment to reload the file from the cloud-based environment.
29. The method of claim 26 , further comprising: at the host server, keeping a history of the file access, the history including at least information regarding which third-party application accessed what file.
30. A non-transitory machine-readable storage medium having stored thereon instructions which, when executed by a processor, cause the processor to: receive a request for a file from a third-party application server associated with a third-party application, the request including metadata that is utilized by the third-party application server to request the file from the cloud-based environment; wherein the metadata identifies at least one of a user, a workspace, and a security attribute associated with the file, wherein the third-party application receives the metadata from a separate and distinct application of the cloud-based environment; identify the file requested by the third-party application server based on the metadata included in the request; and transmit the file to the third-party application server to enable the file to be accessed or edited using the third-party application.
31. The machine-readable storage medium of claim 30 , wherein the user associated with the file includes an owner or a collaborator of the file and wherein the security attribute associated with the file determines whether the portion of the file is storable by the third-party application.
Cooperative Patent Classification codes for this invention. Click any code to explore related patents in that topic.
May 20, 2013
March 8, 2016
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.